| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 461160 | Journal of Systems and Software | 2012 | 8 Pages | |

Differential fault analysis exploits faults to find secret information stored in a cryptographic device. It utilizes differential information between correct and faulty ciphertexts. We introduce new techniques to improve the previous differential fault analysis of ARIA. ARIA is a general-purpose involutional SPN (substitution permutation network) block cipher and was established as a Korean standard block cipher algorithm in 2004. While the previous method by Li et al. requires 45 faults, our method needs 13 faults to retrieve the 128-bit secret key of ARIA. If access to the decryption oracle is allowed, our method only needs 7 faults. We analyze the characteristics of the diffusion layer of ARIA in detail, which leads us to reduce the number of required faults to find the key.
► We introduce new differential fault attacks on ARIA that require far fewer faults than the previous work.

► We propose a generalized technique that works with arbitrary corrupted bytes (a maximum of four bytes), while the previous attack works only with a one-byte fault.

► We show that the enhancement in terms of security against traditional cryptanalysis may be helpful in differential fault analysis.
